Marriott International suffers a data breach

30 Nov 2018

Marriott International hotel group revealed it suffered a data breach affecting 500000 of customers, making it one of the largest data breaches reported. Marriott learned in September 2018 that unauthorized access to the network of its Starwood’s division has been happening since 2014. In November 2018, Marriott discovered that an unauthorized party had copied and encrypted information. For approximately 327 million of guests, the information includes some combination of name, mailing address, phone number, email address, and passport number. For some, the information also includes payment card numbers encrypted using Advanced Encryption Standard encryption (AES-128) and payment card expiration dates. For the remaining guests, the information was limited to name and sometimes other data such as mailing address, email address, or other information. Marriott started notifying affected guests and as well as law enforcement as of 30 November.

Explore the issues

Cybersecurity is among the main concerns of governments, Internet users, technical and business communities. Cyberthreats and cyberattacks are on the increase, and so is the extent of the financial loss.

Yet, when the Internet was first invented, security was not a concern for the inventors. In fact, the Internet was originally designed for use by a closed circle of (mainly) academics. Communication among its users was open.

Cybersecurity came into sharper focus with the Internet expansion beyond the circle of the Internet pioneers. The Internet reiterated the old truism that technology can be both enabling and threatening. What can be used to the advantage of society can also be used to its disadvantage.

Cybercrime is crime committed via the Internet and computer systems. One category of cybercrimes are those affecting the confidentiality, integrity and availability of data and computer systems; they include: unauthorised access to computer systems, illegal interception of data transmissions, data interference (damaging, deletion, deterioration, alteration of suppression of data), system interf

GIP Digital Watch

Submit Content

The GIP Digital Watch observatory reflects on a wide variety of themes and actors involved in global digital policy and Internet governance. We welcome information and documents from your organisations. Submitted content will be reviewed and published by our team of knowledge curators.
You can submit your content at digitalwatch@diplomacy.edu